1. Field of the Invention
The present invention relates to a method for distributing encryption keys in a wireless network, and more particularly, to an encryption key distribution method capable of performing fast roaming by differentially distributing encryption keys in advance, according to access authorization classes in a wireless access network and a roaming method using distributed encryption keys.
2. Description of the Related Art
In a wireless network, to guarantee confidentiality of data and user authentication, data is encrypted prior to transmission. For encryption, an encryption key is needed. At present, an encryption key is shared between a wireless station (STA) and an access point (AP) in advance of access.
However, the number of wireless local area network (LAN) users is continuously increasing. But the time required for exchanging encryption keys during roaming or a hand-off is too long. This is due primarily to the method of sharing encryption keys at the roaming time. Accordingly, when the mobile characteristic of the wireless LAN is considered, the existing encryption key exchange method causes inconvenience to users.
Therefore, it is desirable that the delay time caused by exchanging encryption keys during roaming or hand-off is minimized. To this end, it is desirable that encryption keys are differentiated according to access authorization classes based on the attributes of users.
In a wireless access network, in order to perform encryption in a wireless link, STAs share encryption keys with APs. When a STA is roaming between APs or a hand-off occurs, the STA initiates a process for obtaining from the APs a shared key used for encryption. At this time, the biggest problem against fast secure roaming of the STA is the delay time caused by exchanging encryption keys.
In the prior art, in a wireless network formed of a wide area network (WAN), LANs, APs, and STAs, all STAs connected to one AP use an identical encryption key. Accordingly, when a STA is trying to access another AP included in the same LAN or another LAN the STA should use another encryption key. Also, whenever there is roaming or a hand-off, the STA should receive another corresponding encryption key.
Accordingly, in existing methods, whenever an STA is roaming or there is a hand-off between APs, the STA must initiate the process of obtaining from the AP an encryption key. Therefore, it is difficult to perform fast secure roaming when an STA is in motion.